# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.

class ApplicationController < ActionController::Base
  # Pick a unique cookie name to distinguish our session data from others'
  session :session_key => '_labbo_session_id'
  before_filter :get_logged_user
  
private
  # Get logged user or redirect to login page
  #
  def get_logged_user
    if session[:user_id]
      @logged_user = User.find(:first, :conditions => {:id => session[:user_id]})
      if @logged_user
        return true
      else
        session[:user_id] = nil
        redirect_to new_session_url
        return false
      end
    else
      redirect_to new_session_url
      return false
    end
  end
  
  # Only teachers should be allowed in
  #
  def only_teachers
    unless(@logged_user.is_teacher? || @logged_user.is_admin?)
      respond_to do |wants|
        wants.html { render :text => "You're not allowed to access this page", :layout => true, :status => 401 }
        wants.js   { render :nothing => true, :status => 401 }
        wants.xml  { head :not_authorized }
      end
      return false
    end
    return true
  end
  
  # Only students should be allowed in
  #
  def only_students
    if @logged_user.is_teacher?
      respond_to do |wants|
        wants.html { render :text => "You're not allowed to access this page", :layout => true, :status => 401 }
        wants.js   { render :nothing => true, :status => 401 }
        wants.xml  { head :not_authorized }
      end
      return false
    end
    return true
  end
  
  # Only members should be allowed in
  #
  def only_members
    return true if @group.is_member?(@logged_user)
    respond_to do |wants|
      wants.html { render :text => "You're not allowed to access this page", :layout => true, :status => 401 }
      wants.js   { render :nothing => true, :status => 401 }
      wants.xml  { head :not_authorized }
    end
    return false
  end
  
  # Only teachers or members should be allowed in
  #
  def is_teacher_or_member
    return true if @logged_user.is_teacher?
    return true if @group.is_member?(@logged_user)
    respond_to do |wants|
      wants.html { render :text => "You're not allowed to access this page", :layout => true, :status => 401 }
      wants.js   { render :nothing => true, :status => 401 }
      wants.xml  { head :not_authorized }
    end
    return false
  end

  # Only teachers or owners should be allowed in
  #
  def is_teacher_or_owner
    return true if @logged_user.is_teacher?
    return true if @group.is_owner?(@logged_user)
    respond_to do |wants|
      wants.html { render :text => "You're not allowed to access this page", :layout => true, :status => 401 }
      wants.js   { render :nothing => true, :status => 401 }
      wants.xml  { head :not_authorized }
    end
    return false
  end
  
  # Retrieves @project using params[:project_id]
  #
  def get_project
    @project = Project.find(params[:project_id])
    raise if @project.nil?
    return true
  rescue
    respond_to do |wants|
      wants.html { render :text => "The project you're looking for doesn't exist!", :layout => true, :status => 404 }
      wants.js   { render :nothing => true, :status => 404 }
      wants.xml  { head :not_found }
    end
    return false
  end
  
  # Retrieves @teaching using params[:class_id]
  #
  def get_class
    @teaching = @project.teachings.find(params[:class_id])
    raise if @teaching.nil?
    return true
  rescue
    respond_to do |wants|
      wants.html { render :text => "The class you're looking for doesn't exist!", :layout => true, :status => 404 }
      wants.js   { render :nothing => true, :status => 404 }
      wants.xml  { head :not_found }
    end
    return false
  end
end
